Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.07.2013, 07:36   #1
eRco62
 
Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



sehr geehrten gelben engel
ich habe ein problem was ich alleine nicht mehr beseitigen kann.
seit geraumer zeit wurde mein internet immer langsamer und ich konnte mir nicht vorstellen wieso,also wurde es zeit meinen computer mal genauer zu inspizieren und siehe da,mehrere gleiche einträge im task manager und nicht deinstallierbare dateien auf dem system.
genauer gesagt geht es um Yontoo 2.051 ich habe in einem anderen thread auf dieser seite etwas über frühere version gelesen - aber da ich die forum gebrauchs anweisung gelesen habe wollte ich nicht explizit dieses tutorial verwenden um mein pc wieder auf die beine zu bekommen.ich bin dankbar für jede hilfe.. mfg

hier sind noch meine system daten:

Windows 7 Home Premium
Service Pack 1
Acer-Predator G5910
i7-2600 CPU
8GB Ram
64 Bit
45,5gb SSD (System platte)
931gb Festplatte(Daten platte)

Hoffe ich habe nichts vergessen und ihr könnt mir so schnell wie möglich helfen


-OTL LogOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 18.07.2013 08:24:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\erco\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,48 Gb Available Physical Memory | 81,20% Memory free
15,96 Gb Paging File | 14,25 Gb Available in Paging File | 89,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 45,53 Gb Total Space | 1,88 Gb Free Space | 4,14% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 709,64 Gb Free Space | 76,18% Space Free | Partition Type: NTFS
 
Computer Name: ERCO-PC | User Name: erco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.18 08:23:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\erco\Desktop\OTL.exe
PRC - [2013.06.18 16:21:38 | 000,017,304 | ---- | M] (Mozilla Corporation) -- D:\plugin-container.exe
PRC - [2013.06.18 16:21:11 | 000,920,472 | ---- | M] (Mozilla Corporation) -- D:\firefox.exe
PRC - [2013.06.12 08:20:21 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
PRC - [2013.05.16 16:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.03.23 03:56:36 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\erco\AppData\Roaming\Yontoo\YontooDesktop.exe
PRC - [2013.03.23 03:56:36 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.05.30 04:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011.04.02 23:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2011.04.02 23:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
PRC - [2011.03.29 04:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2011.03.29 04:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.11.24 12:08:06 | 000,021,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.18 08:03:45 | 000,013,600 | ---- | M] () -- C:\Users\erco\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
MOD - [2013.07.11 21:05:13 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013.07.11 21:05:09 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013.07.11 21:04:59 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013.07.11 21:04:58 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013.07.11 21:04:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013.07.11 21:04:54 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.06.18 16:21:30 | 003,285,912 | ---- | M] () -- D:\mozjs.dll
MOD - [2013.06.12 08:20:20 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013.05.16 07:33:37 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013.05.16 07:33:36 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012.10.05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011.12.25 22:42:15 | 005,255,168 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010.11.21 05:24:25 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2010.11.21 05:23:56 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.07.10 03:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.18 16:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.12 08:20:21 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.03.01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.05.30 04:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.04.02 23:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.11.24 12:08:06 | 000,021,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe -- (XTUService)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 23:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.04.09 16:27:34 | 000,352,144 | ---- | M] (EldoS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.07.13 10:49:19 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.07.13 10:49:19 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.07.13 10:49:19 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.06.30 08:03:04 | 000,054,784 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.06.30 08:03:02 | 000,077,696 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.21 08:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.08.18 00:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010.08.11 05:40:06 | 001,014,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010.06.09 10:00:14 | 000,028,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelsmb.sys -- (smbusp)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.09.15 14:30:50 | 000,034,304 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\iOCbios.sys -- (IOCBIOS)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\plugins
 
[2013.04.03 13:16:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erco\AppData\Roaming\mozilla\Extensions
[2013.06.30 13:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erco\AppData\Roaming\mozilla\Firefox\Profiles\4ysakuib.default\extensions
[2013.06.29 13:37:07 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\erco\AppData\Roaming\mozilla\Firefox\Profiles\4ysakuib.default\extensions\ich@maltegoetz.de
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Yontoo Desktop] C:\Users\erco\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA2AAAE7-88EA-4B2E-8C0B-C6ADA4707D50}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.18 08:23:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\erco\Desktop\OTL.exe
[2013.07.13 15:13:21 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.13 15:13:21 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.13 15:13:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.13 15:13:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.13 15:13:20 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.13 15:13:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.13 15:13:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.13 15:13:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.13 15:13:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.13 15:13:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.13 15:13:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.13 15:13:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.13 15:13:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.13 15:13:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.13 15:13:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.11 22:28:33 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.11 22:28:31 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.10 18:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.07.10 14:27:21 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.10 14:27:19 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.10 14:00:12 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.06 15:48:21 | 000,000,000 | ---D | C] -- C:\Users\erco\AppData\Local\EgisTec
[2013.07.03 12:15:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.07.01 21:39:50 | 000,000,000 | ---D | C] -- C:\Users\erco\AppData\Local\NVIDIA
[2013.07.01 21:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.07.01 21:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.07.01 21:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.07.01 21:38:01 | 006,491,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.07.01 21:38:01 | 003,514,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.07.01 21:38:01 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.07.01 21:38:01 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.07.01 21:38:01 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.07.01 21:37:50 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.07.01 21:37:50 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.07.01 21:37:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.07.01 21:36:31 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013.07.01 21:36:31 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.07.01 21:36:31 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.07.01 21:36:28 | 015,910,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.07.01 21:36:28 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.07.01 21:36:28 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.07.01 21:36:28 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.07.01 21:36:28 | 001,059,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.07.01 21:36:28 | 000,925,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.07.01 21:36:27 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.07.01 21:36:26 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.07.01 21:36:26 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432018.dll
[2013.07.01 21:36:26 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432018.dll
[2013.07.01 21:36:26 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.07.01 21:36:26 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.07.01 21:36:26 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.07.01 21:36:26 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.07.01 21:36:26 | 000,266,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.07.01 21:36:26 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.07.01 21:36:26 | 000,214,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.07.01 21:36:26 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.07.01 21:36:25 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.07.01 21:36:25 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.07.01 21:36:25 | 012,426,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.07.01 21:36:25 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.07.01 21:36:25 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.07.01 21:36:25 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.07.01 21:36:25 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.07.01 21:36:25 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.07.01 21:36:25 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.07.01 21:36:24 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.07.01 21:36:24 | 002,935,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.07.01 21:36:24 | 002,597,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.07.01 21:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.07.01 21:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.07.01 21:29:35 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.07.01 21:29:35 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.07.01 21:29:34 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.07.01 21:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.06.29 15:07:52 | 000,000,000 | R--D | C] -- C:\Users\erco\Documents\Scanned Documents
[2013.06.29 15:07:52 | 000,000,000 | ---D | C] -- C:\Users\erco\Documents\Fax
[2013.06.27 02:06:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.06.19 15:14:19 | 000,000,000 | ---D | C] -- C:\Users\erco\Desktop\wqwqee
[2013.06.19 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\erco\Desktop\sam1 Project
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.18 08:23:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\erco\Desktop\OTL.exe
[2013.07.18 08:23:09 | 000,000,000 | ---- | M] () -- C:\Users\erco\defogger_reenable
[2013.07.18 08:22:26 | 000,050,477 | ---- | M] () -- C:\Users\erco\Desktop\Defogger.exe
[2013.07.18 08:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.18 08:10:30 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.18 08:10:30 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.18 08:07:36 | 001,614,036 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.18 08:07:36 | 000,697,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.18 08:07:36 | 000,652,390 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.18 08:07:36 | 000,148,110 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.18 08:07:36 | 000,121,064 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.18 08:03:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.18 08:03:22 | 2133,303,295 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.15 15:02:10 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_DEFAULT.job
[2013.07.12 13:42:14 | 000,275,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.10 14:39:13 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_UPDATES.job
[2013.07.03 12:15:43 | 000,000,500 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.01 21:39:18 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.07.01 21:29:15 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.07.01 21:29:14 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.07.01 21:29:14 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.07.01 13:44:17 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
[2013.06.29 15:14:10 | 000,217,520 | ---- | M] () -- C:\Users\erco\Desktop\Bensen.jpeg
[2013.06.29 15:12:43 | 000,199,241 | ---- | M] () -- C:\Users\erco\Desktop\Bensen 2.jpeg
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.18 08:23:09 | 000,000,000 | ---- | C] () -- C:\Users\erco\defogger_reenable
[2013.07.18 08:22:26 | 000,050,477 | ---- | C] () -- C:\Users\erco\Desktop\Defogger.exe
[2013.07.03 12:15:43 | 000,000,500 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.03 12:15:43 | 000,000,500 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.07.01 21:39:18 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.07.01 21:38:01 | 003,165,737 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.07.01 21:36:26 | 000,020,536 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.07.01 13:44:17 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
[2013.06.29 15:12:09 | 000,199,241 | ---- | C] () -- C:\Users\erco\Desktop\Bensen 2.jpeg
[2013.06.29 15:09:16 | 000,217,520 | ---- | C] () -- C:\Users\erco\Desktop\Bensen.jpeg
[2013.04.10 12:33:41 | 001,640,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 168 bytes -> C:\Users\erco\Desktop\Bensen.jpeg:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\erco\Desktop\Bensen 2.jpeg:3or4kl4x13tuuug3Byamue2s4b

< End of report >
         
--- --- ---


--OTL ExtrasOTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 18.07.2013 08:24:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\erco\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,48 Gb Available Physical Memory | 81,20% Memory free
15,96 Gb Paging File | 14,25 Gb Available in Paging File | 89,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 45,53 Gb Total Space | 1,88 Gb Free Space | 4,14% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 709,64 Gb Free Space | 76,18% Space Free | Partition Type: NTFS
 
Computer Name: ERCO-PC | User Name: erco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05D1E353-F46E-49E2-AC3C-DD1E3DDF6684}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0E01A707-0470-4B61-99A5-DF6AF5B44509}" = rport=137 | protocol=17 | dir=out | app=system | 
"{12E7A46A-AAF2-42C9-BA1B-295EC462A738}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{13A06A8E-50C2-4736-9718-D382821B1EB5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1FF72C67-E7B1-4C75-BA28-F78DF2376282}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{24687186-D20B-4C40-91FB-F152CA0F065D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{24CE3A09-968F-42F6-A585-CE5AE8D1F43B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{559E587D-57C3-4FC2-A672-216E3897CD9F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{58D27D30-3697-4AE3-A0A0-02FC79D2E3E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{67F12AEF-6852-43CB-9567-8A6904C3E435}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{743FE5C5-9302-4052-B07F-7749F91F80DD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{7F4E131B-38F1-475D-A667-DC3CB4F0950F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{885A2E53-37E0-44E1-913E-D19884EEFF17}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{88CEA867-3B4E-4613-B2AB-24F6BE6F9511}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8D64F689-9CE2-47E6-85B4-2D604B265E76}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8DDDFECC-E0C8-452E-AD89-BB2FAD2444F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{95B32229-93AB-405A-9FCE-6A7D3B96EE0A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A037196D-9654-4382-B8DC-0E0F952ECE1C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A23C3AA3-CA93-48F0-B1FE-9D7ABCA6DEA0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{AE67CB13-F70F-4367-A291-0B47D6488EF6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{C3B8EB12-6958-4F57-A7BC-46F76150D3CB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D2AECA62-920C-4FC8-B7AB-A089D41A1B96}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E9DAB276-8462-44DE-B5C4-DCF55A9601F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EB6BAE8A-AC98-4ECD-93BC-054E8B6A2461}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{FE4F1080-44ED-4ABB-9252-7AF4C17D3993}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012DDBE4-87C9-4F0B-8298-5B89577EF3D4}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{0D475C70-4670-479F-B765-29645614E076}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{142B749A-AAB7-4F36-A297-AC0ADF6B6BD2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1A4761E9-4E78-41E3-9F04-B39CE724CCE8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{1B3084FF-ED9F-46B6-A488-6096337A9CAD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{20D97119-7F4E-40CF-A8B2-0F26417313BA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{31BA6502-D138-4BE5-AE87-A390E8433854}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{331F2EB4-DB3A-4BB8-8329-10C732C69BC8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{42A0E2D9-CDF3-4510-86D2-C3DEFA48DA10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{43624CB0-5759-4D8A-B1E8-AAF07F9D3ED7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{45FEB496-5133-46DE-8E5A-9505123CD309}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{487ECE64-9DA9-4E0E-89EA-386CB56EBFF4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{4A9FC733-4705-4102-9C79-086243313D02}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{57056E28-1C49-4C45-832C-92CC3EDD2AFA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{5BD4A853-4EC2-47DC-953D-CAAE4AC2BD3A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{5CA96B84-D6B8-4E11-A80F-0D1D1A660B78}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{5DD73375-4D2A-462E-AC46-323A89709FE6}" = protocol=6 | dir=in | app=d:\steam\steam.exe | 
"{70CA837A-1A02-4DA9-9AB7-8BDDD90D3F8D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{70E239D1-2AF3-43BA-9F7B-DA93C20276A2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{78C7FC2A-F060-48B4-9F86-094200AC9FBF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{7DE39214-5D44-44F2-AE1E-53D7C7DF931D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{814FC45A-4E93-4BF8-A6FC-78220B31D540}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{81C7EAE3-B8C4-4AAA-B85A-C2BE0D7893A7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{89D19E46-8465-4404-BADC-A5339264202A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{93FCAF22-BD44-4850-8FA6-16C040FA5481}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{94B388AB-AB5E-4720-A59E-BC7AFAA4F81F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{95A12E56-2AE9-4CD8-A0FD-3CB8C2B4D7B5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike source\hl2.exe | 
"{979DD0EB-8CB0-4CE5-AFDC-EF29E2E191B9}" = protocol=6 | dir=in | app=c:\users\erco\appdata\roaming\utorrent\utorrent.exe | 
"{9D7D0BA0-7E30-48DE-9B85-1CB009D811A0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A718F8CD-DE9A-49F6-9B97-B06F4CB6925A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A869D649-2FCB-467A-A6EE-C1D484C9CAFE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike source\hl2.exe | 
"{A91ADEE0-506E-4619-A427-76B08D529D89}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{B4CA2E1F-ECD6-4561-A266-E01F42253CA3}" = protocol=17 | dir=in | app=c:\users\erco\appdata\roaming\utorrent\utorrent.exe | 
"{BD14ABC2-B451-4AE7-A925-8B6D07C2C97C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CBB0B9EA-297E-4719-B34F-86A0754DB981}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CC3FEDC8-3FA6-4832-B528-48A169D79091}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D1579C8F-7BC4-442E-9D32-2F0E31BCEC72}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D35FC5E0-FCA6-4D7B-B632-07A6354DB6D0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{D6DDC37A-2FA0-4D35-9BE3-BE5B03B15E72}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DBB47092-D162-4078-8589-17D97148DAF8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{E50F3F78-7F02-40A0-BE36-6A843146C7DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E84AAC13-83E5-41CF-A2B6-42F05AABFD43}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{EC533F66-0D9D-4626-9242-58B26E9A4D35}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EC6371EB-9ECA-4EB8-9713-F09881382173}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EF61A96D-7A07-48A0-8A12-C9ECB0104FBB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F1F995F4-E662-44CC-9D4F-52000B802D76}" = protocol=17 | dir=in | app=d:\steam\steam.exe | 
"{F39D6A0B-3A78-4A6E-91D2-67571FAEAE75}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F5F1370D-D59A-4D5F-B9BC-161E652729C4}" = protocol=6 | dir=out | app=system | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.051
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SMBus" = Intel(R) SMBus
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{2395BEE6-92D4-4D91-8665-5BAB6B78A346}" = Ableton Live 9 Suite
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4FF82163-423A-43CE-898D-3B60D19A5E8F}_is1" = Panzar
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{72B59E5A-CF45-4528-8227-7EDF5EC772BE}" = Intel Extreme Tuning Utility 2.1.408.41
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"5513-1208-7298-9440" = JDownloader 0.9
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ForgedByChaos" = Forged By Chaos
"HiDownload Platinum_is1" = HiDownloadPlatinum
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"Live 8.2.2" = Live 8.2.2
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Steam App 8870" = BioShock Infinite
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.3
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WinZip Registry Optimizer_is1" = WinZip Registry Optimizer
"WTA-07464839-0b76-4b20-a6b6-dd5de14f6cb1" = Virtual Villagers 4 - The Tree of Life
"WTA-233b9eb7-ca8b-4bdd-ad1c-353f3b10266e" = John Deere Drive Green
"WTA-2c3f7c66-b8a5-463c-9121-9be7f455762c" = Insaniquarium Deluxe
"WTA-2fddb1fe-e5c8-4f59-9525-b82a1c0285c6" = Agatha Christie - Death on the Nile
"WTA-4506a7f6-e816-4687-b6cf-f91cd9c0fefa" = FATE
"WTA-4fead4b9-8a6f-4004-abc0-f94561826625" = Slingo Deluxe
"WTA-5833d882-570c-4c55-ba18-7d8e992e3676" = Polar Bowler
"WTA-72085e70-597d-4c57-9d06-c03106b46bb3" = Bejeweled 2 Deluxe
"WTA-969b09e6-23b1-487f-966a-46aace8ca96a" = Penguins!
"WTA-a759d92a-9053-418a-a186-445aaea34588" = Plants vs. Zombies - Game of the Year
"WTA-ae3e85b6-e646-4e61-9090-9e6a64ab47ec" = Torchlight
"WTA-b1e6c992-a1a0-45cf-89bf-ffb8ae894c1a" = Crazy Chicken Kart 2
"WTA-b992e114-2fa7-4bad-9f92-75a675ba1e68" = Zuma Deluxe
"WTA-c16e93e4-1c9f-4f62-a1c8-d6c2ef57092a" = Final Drive: Nitro
"WTA-ce7049a0-0845-4df8-a656-8eadd386139f" = Wedding Dash
"WTA-fe5d843d-a47b-4870-9cf3-95f2bbaef4be" = Mystery of Mortlake Mansion
"WTA-fe9159cb-abf8-4e11-9595-62b7df4f8aaf" = Jewel Match 3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.07.2013 16:08:51 | Computer Name = erco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
 
Error - 15.07.2013 19:43:50 | Computer Name = erco-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe".  Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.07.2013 19:54:36 | Computer Name = erco-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe".  Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 16.07.2013 13:03:12 | Computer Name = erco-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.07.2013 06:33:11 | Computer Name = erco-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.07.2013 09:23:36 | Computer Name = erco-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.07.2013 11:49:08 | Computer Name = erco-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe".  Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.07.2013 12:10:57 | Computer Name = erco-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe".  Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.07.2013 18:07:21 | Computer Name = erco-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.07.2013 02:05:19 | Computer Name = erco-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 12.07.2013 14:47:09 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 13.07.2013 07:03:48 | Computer Name = erco-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?07.?2013 um 02:48:35 unerwartet heruntergefahren.
 
Error - 13.07.2013 07:03:49 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 13.07.2013 07:03:49 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 13.07.2013 07:09:15 | Computer Name = erco-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 13.07.2013 09:14:13 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines 
Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
 
Error - 13.07.2013 13:35:40 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 13.07.2013 13:35:40 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 13.07.2013 17:02:31 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 13.07.2013 17:02:31 | Computer Name = erco-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
 
< End of report >
         
--- --- ---


Geändert von eRco62 (18.07.2013 um 07:43 Uhr) Grund: LOG Files vergessen

Alt 18.07.2013, 08:03   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 18.07.2013, 08:11   #3
eRco62
 
Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by erco (administrator) on 18-07-2013 09:08:41
Running from C:\Users\erco\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Yontoo LLC) C:\Users\erco\AppData\Roaming\Yontoo\YontooDesktop.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
(Mozilla Corporation) D:\firefox.exe
(Mozilla Corporation) D:\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Yontoo Desktop] - C:\Users\erco\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-23] (Yontoo LLC)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SuiteTray] - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [221184 2011-07-06] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [221184 2011-07-06] ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default
FF user.js: detected! => C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\Extensions\ich@maltegoetz.de
FF StartMenuInternet: FIREFOX.EXE - D:\firefox.exe

==================== Services (Whitelisted) =================

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [21768 2010-11-24] (Intel Corporation)
R2 Yontoo Desktop Updater; C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [23552 2013-03-23] (Microsoft)

==================== Drivers (Whitelisted) ====================

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [34304 2010-09-15] (Intel Corporation)
R2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [34304 2010-09-15] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 09:08 - 2013-07-18 09:08 - 00000000 ____D C:\FRST
2013-07-18 09:06 - 2013-07-18 09:07 - 01778209 _____ (Farbar) C:\Users\erco\Desktop\FRST64.exe
2013-07-18 08:26 - 2013-07-18 08:26 - 00110304 _____ C:\Users\erco\Desktop\Extras.Txt
2013-07-18 08:26 - 2013-07-18 08:26 - 00081392 _____ C:\Users\erco\Desktop\OTL.Txt
2013-07-18 08:23 - 2013-07-18 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\erco\Desktop\OTL.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00000470 _____ C:\Users\erco\Desktop\defogger_disable.log
2013-07-18 08:23 - 2013-07-18 08:23 - 00000000 _____ C:\Users\erco\defogger_reenable
2013-07-13 15:13 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 15:13 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 15:13 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 15:13 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 15:13 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:13 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 22:28 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 22:28 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 22:28 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 14:27 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 14:27 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 14:00 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 14:00 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-06 15:48 - 2013-07-06 15:48 - 00000000 ____D C:\Users\erco\AppData\Local\EgisTec
2013-07-03 12:15 - 2013-07-03 12:15 - 00000500 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-03 12:15 - 2013-07-03 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-01 21:39 - 2013-07-01 21:39 - 00001355 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-01 21:39 - 2013-07-01 21:39 - 00000000 ____D C:\Users\erco\AppData\Local\NVIDIA
2013-07-01 21:38 - 2013-07-18 08:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-01 21:38 - 2013-07-01 21:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 21:38 - 2013-05-12 22:34 - 06491936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-07-01 21:38 - 2013-05-12 22:34 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-07-01 21:38 - 2013-05-08 16:13 - 03165737 _____ C:\Windows\system32\nvcoproc.bin
2013-07-01 21:37 - 2013-07-01 21:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-01 21:37 - 2013-05-12 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-07-01 21:37 - 2013-05-12 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-07-01 21:36 - 2013-07-18 08:03 - 00004052 _____ C:\Windows\setupact.log
2013-07-01 21:36 - 2013-07-01 21:36 - 00000000 _____ C:\Windows\setuperr.log
2013-07-01 21:36 - 2013-05-12 23:42 - 27775776 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 21096736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 15910736 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 15143904 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 13403168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 12426216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 11216160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-01 21:36 - 2013-05-12 23:42 - 09233688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 07682960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02942240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02935696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02754336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02597344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432018.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432018.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00550176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00518944 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00443168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00421152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00020536 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 21:36 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-07-01 21:36 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-07-01 21:36 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-07-01 21:33 - 2013-07-01 21:34 - 00000032 _____ C:\ProgramData\PS.log
2013-07-01 21:29 - 2013-07-01 21:29 - 00867240 ____N (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00789416 ____N (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00263592 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79C.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79B.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND78A.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\ProgramData\Sun
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 21:15 - 2013-07-01 21:15 - 00903080 _____ (Oracle Corporation) C:\Users\erco\Downloads\jxpiinstall.exe
2013-07-01 13:44 - 2013-07-01 13:44 - 00001194 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2013-06-29 15:12 - 2013-06-29 15:12 - 00199241 _____ C:\Users\erco\Desktop\Bensen 2.jpeg
2013-06-29 15:09 - 2013-06-29 15:14 - 00217520 _____ C:\Users\erco\Desktop\Bensen.jpeg
2013-06-29 15:07 - 2013-06-29 15:07 - 00000000 ____D C:\Users\erco\Documents\Fax
2013-06-27 02:06 - 2013-06-27 02:06 - 00000000 ____D C:\Windows\pss
2013-06-19 15:14 - 2013-06-19 15:14 - 00000000 ____D C:\Users\erco\Desktop\wqwqee
2013-06-19 15:13 - 2013-06-19 15:13 - 00000000 ___RD C:\Users\erco\Desktop\sam1 Project

==================== One Month Modified Files and Folders =======

2013-07-18 09:08 - 2013-07-18 09:08 - 00000000 ____D C:\FRST
2013-07-18 09:07 - 2013-07-18 09:06 - 01778209 _____ (Farbar) C:\Users\erco\Desktop\FRST64.exe
2013-07-18 08:45 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 08:45 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 08:26 - 2013-07-18 08:26 - 00110304 _____ C:\Users\erco\Desktop\Extras.Txt
2013-07-18 08:26 - 2013-07-18 08:26 - 00081392 _____ C:\Users\erco\Desktop\OTL.Txt
2013-07-18 08:23 - 2013-07-18 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\erco\Desktop\OTL.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00000470 _____ C:\Users\erco\Desktop\defogger_disable.log
2013-07-18 08:23 - 2013-07-18 08:23 - 00000000 _____ C:\Users\erco\defogger_reenable
2013-07-18 08:23 - 2013-04-03 13:09 - 00000000 ____D C:\Users\erco
2013-07-18 08:20 - 2013-04-04 03:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 08:07 - 2013-04-03 22:26 - 00697072 _____ C:\Windows\system32\perfh007.dat
2013-07-18 08:07 - 2013-04-03 22:26 - 00148110 _____ C:\Windows\system32\perfc007.dat
2013-07-18 08:07 - 2009-07-14 07:13 - 01614036 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-18 08:06 - 2013-04-03 12:33 - 01377415 _____ C:\Windows\WindowsUpdate.log
2013-07-18 08:03 - 2013-07-01 21:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-18 08:03 - 2013-07-01 21:36 - 00004052 _____ C:\Windows\setupact.log
2013-07-18 08:03 - 2013-04-08 13:19 - 00000000 ____D C:\Users\erco\AppData\Roaming\Yontoo
2013-07-18 08:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 15:02 - 2013-04-27 14:39 - 00000294 _____ C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2013-07-13 02:48 - 2013-05-28 14:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 02:48 - 2013-05-28 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 20:50 - 2013-06-04 00:54 - 00000000 ____D C:\Users\erco\AppData\Local\PMB Files
2013-07-12 20:50 - 2013-06-04 00:54 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-12 20:47 - 2011-07-13 10:28 - 00000000 ____D C:\ProgramData\McAfee
2013-07-12 20:47 - 2010-11-21 05:47 - 00013862 _____ C:\Windows\PFRO.log
2013-07-12 17:37 - 2011-07-13 10:29 - 00000000 ____D C:\Program Files (x86)\Acer
2013-07-12 14:00 - 2013-05-11 00:47 - 00000000 ____D C:\Users\erco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-07-12 13:42 - 2009-07-14 06:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 18:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-11 18:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 19:41 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 14:39 - 2013-04-27 14:39 - 00000302 _____ C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2013-07-06 17:05 - 2013-04-03 12:35 - 00000000 ___HD C:\ProgramData\EgisTec
2013-07-06 15:48 - 2013-07-06 15:48 - 00000000 ____D C:\Users\erco\AppData\Local\EgisTec
2013-07-03 12:15 - 2013-07-03 12:15 - 00000500 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-03 12:15 - 2013-07-03 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 11:42 - 2013-04-10 12:34 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-03 11:41 - 2013-04-10 12:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-01 21:39 - 2013-07-01 21:39 - 00001355 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-01 21:39 - 2013-07-01 21:39 - 00000000 ____D C:\Users\erco\AppData\Local\NVIDIA
2013-07-01 21:39 - 2013-07-01 21:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-01 21:38 - 2013-07-01 21:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 21:38 - 2013-04-03 12:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-01 21:38 - 2013-04-03 12:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 21:36 - 2013-07-01 21:36 - 00000000 _____ C:\Windows\setuperr.log
2013-07-01 21:35 - 2011-07-13 10:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-01 21:34 - 2013-07-01 21:33 - 00000032 _____ C:\ProgramData\PS.log
2013-07-01 21:33 - 2013-05-09 11:33 - 00000000 ____D C:\Users\erco\AppData\Local\Cyberlink
2013-07-01 21:33 - 2013-04-03 12:46 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-01 21:29 - 2013-07-01 21:29 - 00867240 ____N (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00789416 ____N (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00263592 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79C.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79B.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND78A.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\ProgramData\Sun
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 21:15 - 2013-07-01 21:15 - 00903080 _____ (Oracle Corporation) C:\Users\erco\Downloads\jxpiinstall.exe
2013-07-01 15:07 - 2013-06-15 03:15 - 00000000 ____D C:\Users\erco\AppData\Roaming\Awesomium
2013-07-01 13:44 - 2013-07-01 13:44 - 00001194 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2013-06-29 15:14 - 2013-06-29 15:09 - 00217520 _____ C:\Users\erco\Desktop\Bensen.jpeg
2013-06-29 15:12 - 2013-06-29 15:12 - 00199241 _____ C:\Users\erco\Desktop\Bensen 2.jpeg
2013-06-29 15:07 - 2013-06-29 15:07 - 00000000 ____D C:\Users\erco\Documents\Fax
2013-06-28 14:00 - 2013-04-27 14:38 - 00000000 ____D C:\Users\erco\AppData\Roaming\uTorrent
2013-06-28 14:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-27 14:59 - 2011-07-13 10:32 - 00064650 _____ C:\Windows\DirectX.log
2013-06-27 02:06 - 2013-06-27 02:06 - 00000000 ____D C:\Windows\pss
2013-06-19 15:14 - 2013-06-19 15:14 - 00000000 ____D C:\Users\erco\Desktop\wqwqee
2013-06-19 15:13 - 2013-06-19 15:13 - 00000000 ___RD C:\Users\erco\Desktop\sam1 Project

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-09 20:22

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by erco at 2013-07-18 09:08:50
Running from C:\Users\erco\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
µTorrent (HKCU Version: 3.3.1.29801)
Ableton Live 9 Suite (x32 Version: 9.0.0.0)
Acer eRecovery Management (x32 Version: 5.00.3502)
Acer Registration (x32 Version: 1.04.3503)
Acer ScreenSaver (x32 Version: 1.1.0708.2011)
Acer Updater (x32 Version: 1.02.3500)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X MUI (x32 Version: 10.0.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
BioShock Infinite (x32)
Bonjour (Version: 3.0.0.10)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97)
D3DX10 (x32 Version: 15.4.2368.0902)
eBay Worldwide (x32 Version: 2.2.0409)
Etron USB3.0 Host Controller (x32 Version: 0.103)
FATE (x32 Version: 2.2.0.97)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Forged By Chaos (x32)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
HiDownloadPlatinum (x32)
Hotkey Utility (x32 Version: 2.05.3505)
Identity Card (x32 Version: 1.00.3501)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel Extreme Tuning Utility 2.1.408.41 (x32 Version: 2.1.408.41)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046)
Intel(R) SMBus
Intel® Watchdog Timer Driver (Intel® WDT) (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 0.9 (x32 Version: 0.9)
Jewel Match 3 (x32 Version: 2.2.0.97)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Live 8.2.2 (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.25)
MyWinLocker 4 (x32 Version: 4.0.14.25)
MyWinLocker Suite (x32 Version: 4.0.14.15)
Norton Online Backup (x32 Version: 2.1.17869)
NVIDIA 3D Vision Controller-Treiber 320.18 (Version: 320.18)
NVIDIA 3D Vision Treiber 320.18 (Version: 320.18)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.18 (Version: 320.18)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2018)
NVIDIA Systemsteuerung 320.18 (Version: 320.18)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
Pando Media Booster (x32 Version: 2.6.0.9)
Panzar (x32 Version: 1.0)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.97)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6194)
rosoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Skype™ 5.10 (x32 Version: 5.10.116)
Slingo Deluxe (x32 Version: 2.2.0.95)
Torchlight (x32 Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update Installer for WildTangent Games App (x32)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3503)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinPcap 4.1.3 (x32 Version: 4.1.0.2980)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
WinZip Registry Optimizer (x32 Version: 1.0)
Yontoo 2.051 (Version: 2.051)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C2CCDEE-5DE7-4AE9-9165-3288C8EF903B} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2013-02-13] (WinZip Computing, S.L. (WinZip Computing))
Task: {4BE686AB-1A71-4915-AAE3-8E6691D8E1DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {514182AD-6840-456B-8F6D-714FE6845660} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {8F12F75F-F778-4B0E-B7F5-5550E7E8DD4C} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2013-02-13] (WinZip Computing, S.L. (WinZip Computing))
Task: {A6A4D0B7-B006-478A-A139-FBC80A595F9A} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-16] (Adobe Systems Incorporated)
Task: {AE7AF8F8-0038-4883-A2E2-2CAF7A444D5A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {B17E67B5-1D33-45AF-AE97-51986372212D} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-16] (Adobe Systems Incorporated)
Task: {BE735D79-6043-4A26-824C-DC603CA56A52} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {CC352234-6CB3-4D7E-A489-65F31E4D2F41} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe

==================== Faulty Device Manager Devices =============

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2013 08:05:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2013 00:07:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 06:10:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/17/2013 05:49:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/17/2013 03:23:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 00:33:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2013 07:03:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2013 01:54:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/16/2013 01:43:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/15/2013 10:08:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004


System errors:
=============
Error: (07/18/2013 08:03:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/18/2013 08:03:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (07/18/2013 00:05:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/18/2013 00:05:28 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (07/17/2013 04:54:49 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/17/2013 03:21:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/17/2013 03:21:43 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (07/17/2013 00:46:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/17/2013 00:46:59 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (07/17/2013 00:31:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (07/18/2013 08:05:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2013 00:07:21 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 06:10:57 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe

Error: (07/17/2013 05:49:08 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe

Error: (07/17/2013 03:23:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 00:33:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2013 07:03:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2013 01:54:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe

Error: (07/16/2013 01:43:50 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Acer\Screensaver\VistaGetS3S4Reg.exe

Error: (07/15/2013 10:08:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8173.97 MB
Available physical RAM: 6202.55 MB
Total Pagefile: 16346.12 MB
Available Pagefile: 14241.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:45.53 GB) (Free:1.8 GB) NTFS (Disk=0 Partition=3)
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:709.63 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 0B564DF3)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=46 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 99C2C019)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 18.07.2013, 08:27   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.07.2013, 08:41   #5
eRco62
 
Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.305 - Datei am 18/07/2013 um 09:33:15 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : erco - ERCO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\erco\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Yontoo Desktop Updater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Ordner Gelöscht : C:\Program Files (x86)\WinZip Registry Optimizer
Ordner Gelöscht : C:\Program Files (x86)\Yontoo
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\erco\AppData\Roaming\Yontoo

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\prefs.js

C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\user.js ... Gelöscht !

Gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Gelöscht : user_pref("extentions.y2layers.installId", "171b6a6f-acd0-4989-be21-f5bc1e5c55e3");

*************************

AdwCleaner[S1].txt - [4083 octets] - [18/07/2013 09:33:15]

########## EOF - C:\AdwCleaner[S1].txt - [4143 octets] ##########
         
--- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 7 Home Premium x64
Ran by erco on 18.07.2013 at 9:37:44,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.07.2013 at 9:39:56,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by erco (administrator) on 18-07-2013 09:40:15
Running from C:\Users\erco\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SuiteTray] - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [221184 2011-07-06] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [221184 2011-07-06] ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\Extensions\ich@maltegoetz.de
FF StartMenuInternet: FIREFOX.EXE - D:\firefox.exe

==================== Services (Whitelisted) =================

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [21768 2010-11-24] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [34304 2010-09-15] (Intel Corporation)
R2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [34304 2010-09-15] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 09:39 - 2013-07-18 09:39 - 00000727 _____ C:\Users\erco\Desktop\JRT.txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00004204 _____ C:\Users\erco\Desktop\AdwCleaner[S1].txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00000000 ____D C:\Windows\ERUNT
2013-07-18 09:33 - 2013-07-18 09:33 - 00004204 _____ C:\AdwCleaner[S1].txt
2013-07-18 09:32 - 2013-07-18 09:32 - 00001055 _____ C:\Users\erco\Desktop\Neues Textdokument (2).txt
2013-07-18 09:31 - 2013-07-18 09:31 - 00662345 _____ C:\Users\erco\Desktop\adwcleaner.exe
2013-07-18 09:31 - 2013-07-18 09:31 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\erco\Desktop\JRT.exe
2013-07-18 09:08 - 2013-07-18 09:08 - 00000000 ____D C:\FRST
2013-07-18 09:06 - 2013-07-18 09:07 - 01778209 _____ (Farbar) C:\Users\erco\Desktop\FRST64.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\erco\Desktop\OTL.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00000000 _____ C:\Users\erco\defogger_reenable
2013-07-13 15:13 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 15:13 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 15:13 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 15:13 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 15:13 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:13 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 22:28 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 22:28 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 22:28 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 14:27 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 14:27 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 14:00 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 14:00 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-06 15:48 - 2013-07-06 15:48 - 00000000 ____D C:\Users\erco\AppData\Local\EgisTec
2013-07-03 12:15 - 2013-07-03 12:15 - 00000500 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-03 12:15 - 2013-07-03 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-01 21:39 - 2013-07-01 21:39 - 00001355 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-01 21:39 - 2013-07-01 21:39 - 00000000 ____D C:\Users\erco\AppData\Local\NVIDIA
2013-07-01 21:38 - 2013-07-18 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-01 21:38 - 2013-07-01 21:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 21:38 - 2013-05-12 22:34 - 06491936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-07-01 21:38 - 2013-05-12 22:34 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-07-01 21:38 - 2013-05-08 16:13 - 03165737 _____ C:\Windows\system32\nvcoproc.bin
2013-07-01 21:37 - 2013-07-01 21:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-01 21:37 - 2013-05-12 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-07-01 21:37 - 2013-05-12 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-07-01 21:36 - 2013-07-18 09:35 - 00004108 _____ C:\Windows\setupact.log
2013-07-01 21:36 - 2013-07-01 21:36 - 00000000 _____ C:\Windows\setuperr.log
2013-07-01 21:36 - 2013-05-12 23:42 - 27775776 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 21096736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 15910736 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 15143904 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 13403168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 12426216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 11216160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-01 21:36 - 2013-05-12 23:42 - 09233688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 07682960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02942240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02935696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02754336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02597344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432018.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432018.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00550176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00518944 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00443168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00421152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00020536 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 21:36 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-07-01 21:36 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-07-01 21:36 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-07-01 21:33 - 2013-07-01 21:34 - 00000032 _____ C:\ProgramData\PS.log
2013-07-01 21:29 - 2013-07-01 21:29 - 00867240 ____N (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00789416 ____N (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00263592 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79C.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79B.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND78A.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\ProgramData\Sun
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 21:15 - 2013-07-01 21:15 - 00903080 _____ (Oracle Corporation) C:\Users\erco\Downloads\jxpiinstall.exe
2013-07-01 13:44 - 2013-07-01 13:44 - 00001194 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2013-06-29 15:12 - 2013-06-29 15:12 - 00199241 _____ C:\Users\erco\Desktop\Bensen 2.jpeg
2013-06-29 15:09 - 2013-06-29 15:14 - 00217520 _____ C:\Users\erco\Desktop\Bensen.jpeg
2013-06-29 15:07 - 2013-06-29 15:07 - 00000000 ____D C:\Users\erco\Documents\Fax
2013-06-27 02:06 - 2013-06-27 02:06 - 00000000 ____D C:\Windows\pss
2013-06-19 15:14 - 2013-06-19 15:14 - 00000000 ____D C:\Users\erco\Desktop\wqwqee
2013-06-19 15:13 - 2013-06-19 15:13 - 00000000 ___RD C:\Users\erco\Desktop\sam1 Project

==================== One Month Modified Files and Folders =======

2013-07-18 09:39 - 2013-07-18 09:39 - 00000727 _____ C:\Users\erco\Desktop\JRT.txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00004204 _____ C:\Users\erco\Desktop\AdwCleaner[S1].txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00000000 ____D C:\Windows\ERUNT
2013-07-18 09:35 - 2013-07-01 21:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-18 09:35 - 2013-07-01 21:36 - 00004108 _____ C:\Windows\setupact.log
2013-07-18 09:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 09:34 - 2013-04-03 12:33 - 01402340 _____ C:\Windows\WindowsUpdate.log
2013-07-18 09:33 - 2013-07-18 09:33 - 00004204 _____ C:\AdwCleaner[S1].txt
2013-07-18 09:32 - 2013-07-18 09:32 - 00001055 _____ C:\Users\erco\Desktop\Neues Textdokument (2).txt
2013-07-18 09:31 - 2013-07-18 09:31 - 00662345 _____ C:\Users\erco\Desktop\adwcleaner.exe
2013-07-18 09:31 - 2013-07-18 09:31 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\erco\Desktop\JRT.exe
2013-07-18 09:20 - 2013-04-04 03:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 09:08 - 2013-07-18 09:08 - 00000000 ____D C:\FRST
2013-07-18 09:07 - 2013-07-18 09:06 - 01778209 _____ (Farbar) C:\Users\erco\Desktop\FRST64.exe
2013-07-18 08:45 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 08:45 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 08:23 - 2013-07-18 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\erco\Desktop\OTL.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00000000 _____ C:\Users\erco\defogger_reenable
2013-07-18 08:23 - 2013-04-03 13:09 - 00000000 ____D C:\Users\erco
2013-07-18 08:07 - 2013-04-03 22:26 - 00697072 _____ C:\Windows\system32\perfh007.dat
2013-07-18 08:07 - 2013-04-03 22:26 - 00148110 _____ C:\Windows\system32\perfc007.dat
2013-07-18 08:07 - 2009-07-14 07:13 - 01614036 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-15 15:02 - 2013-04-27 14:39 - 00000294 _____ C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2013-07-13 02:48 - 2013-05-28 14:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 02:48 - 2013-05-28 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 20:50 - 2013-06-04 00:54 - 00000000 ____D C:\Users\erco\AppData\Local\PMB Files
2013-07-12 20:50 - 2013-06-04 00:54 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-12 20:47 - 2011-07-13 10:28 - 00000000 ____D C:\ProgramData\McAfee
2013-07-12 20:47 - 2010-11-21 05:47 - 00013862 _____ C:\Windows\PFRO.log
2013-07-12 17:37 - 2011-07-13 10:29 - 00000000 ____D C:\Program Files (x86)\Acer
2013-07-12 14:00 - 2013-05-11 00:47 - 00000000 ____D C:\Users\erco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-07-12 13:42 - 2009-07-14 06:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 18:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-11 18:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 19:41 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 14:39 - 2013-04-27 14:39 - 00000302 _____ C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2013-07-06 17:05 - 2013-04-03 12:35 - 00000000 ___HD C:\ProgramData\EgisTec
2013-07-06 15:48 - 2013-07-06 15:48 - 00000000 ____D C:\Users\erco\AppData\Local\EgisTec
2013-07-03 12:15 - 2013-07-03 12:15 - 00000500 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-03 12:15 - 2013-07-03 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 11:42 - 2013-04-10 12:34 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-03 11:41 - 2013-04-10 12:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-01 21:39 - 2013-07-01 21:39 - 00001355 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-01 21:39 - 2013-07-01 21:39 - 00000000 ____D C:\Users\erco\AppData\Local\NVIDIA
2013-07-01 21:39 - 2013-07-01 21:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-01 21:38 - 2013-07-01 21:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 21:38 - 2013-04-03 12:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-01 21:38 - 2013-04-03 12:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 21:36 - 2013-07-01 21:36 - 00000000 _____ C:\Windows\setuperr.log
2013-07-01 21:35 - 2011-07-13 10:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-01 21:34 - 2013-07-01 21:33 - 00000032 _____ C:\ProgramData\PS.log
2013-07-01 21:33 - 2013-05-09 11:33 - 00000000 ____D C:\Users\erco\AppData\Local\Cyberlink
2013-07-01 21:33 - 2013-04-03 12:46 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-01 21:29 - 2013-07-01 21:29 - 00867240 ____N (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00789416 ____N (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00263592 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79C.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79B.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND78A.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\ProgramData\Sun
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 21:15 - 2013-07-01 21:15 - 00903080 _____ (Oracle Corporation) C:\Users\erco\Downloads\jxpiinstall.exe
2013-07-01 15:07 - 2013-06-15 03:15 - 00000000 ____D C:\Users\erco\AppData\Roaming\Awesomium
2013-07-01 13:44 - 2013-07-01 13:44 - 00001194 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2013-06-29 15:14 - 2013-06-29 15:09 - 00217520 _____ C:\Users\erco\Desktop\Bensen.jpeg
2013-06-29 15:12 - 2013-06-29 15:12 - 00199241 _____ C:\Users\erco\Desktop\Bensen 2.jpeg
2013-06-29 15:07 - 2013-06-29 15:07 - 00000000 ____D C:\Users\erco\Documents\Fax
2013-06-28 14:00 - 2013-04-27 14:38 - 00000000 ____D C:\Users\erco\AppData\Roaming\uTorrent
2013-06-28 14:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-27 14:59 - 2011-07-13 10:32 - 00064650 _____ C:\Windows\DirectX.log
2013-06-27 02:06 - 2013-06-27 02:06 - 00000000 ____D C:\Windows\pss
2013-06-19 15:14 - 2013-06-19 15:14 - 00000000 ____D C:\Users\erco\Desktop\wqwqee
2013-06-19 15:13 - 2013-06-19 15:13 - 00000000 ___RD C:\Users\erco\Desktop\sam1 Project

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-09 20:22

==================== End Of Log ============================
         
--- --- ---


Alt 18.07.2013, 09:45   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



Supi


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.

Alt 18.07.2013, 13:21   #7
eRco62
 
Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7bb547be03f82040810656135bb20285
# engine=14442
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-18 10:49:14
# local_time=2013-07-18 12:49:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 7308 125774404 0 0
# scanned=254959
# found=1
# cleaned=0
# scan_time=3611
sh=38EB819B95824087D6C7B888A3EECDF91BE61BBB ft=1 fh=f998eb64c89b246b vn="a variant of Win32/Packed.VMProtect.AAN trojan" ac=I fn="D:\DS\xlive.dll"


Results of screen317's Security Check version 0.99.70
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 25
Adobe Flash Player 11.7.700.224
Mozilla Firefox (22.0)
````````Process Check: objlist.exe by Laurent````````
ESET ESET Online Scanner OnlineScannerApp.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by erco (administrator) on 18-07-2013 14:20:38
Running from C:\Users\erco\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() D:\Steam\steamapps\common\dota 2 beta\dota.exe
(Valve Corporation) D:\Steam\GameOverlayUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Mozilla Corporation) D:\firefox.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SuiteTray] - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [221184 2011-07-06] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [221184 2011-07-06] ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\erco\AppData\Roaming\Mozilla\Firefox\Profiles\4ysakuib.default\Extensions\ich@maltegoetz.de
FF StartMenuInternet: FIREFOX.EXE - D:\firefox.exe

==================== Services (Whitelisted) =================

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [21768 2010-11-24] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [34304 2010-09-15] (Intel Corporation)
R2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [34304 2010-09-15] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 11:56 - 2013-07-18 11:56 - 00891062 _____ C:\Users\erco\Desktop\SecurityCheck.exe
2013-07-18 11:45 - 2013-07-18 11:45 - 02347384 _____ (ESET) C:\Users\erco\Downloads\esetsmartinstaller_enu.exe
2013-07-18 11:45 - 2013-07-18 11:45 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-18 11:43 - 2013-07-18 11:43 - 00000202 _____ C:\Users\erco\Desktop\PlanetSide 2.url
2013-07-18 09:39 - 2013-07-18 09:39 - 00000727 _____ C:\Users\erco\Desktop\JRT.txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00004204 _____ C:\Users\erco\Desktop\AdwCleaner[S1].txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00000000 ____D C:\Windows\ERUNT
2013-07-18 09:33 - 2013-07-18 09:33 - 00004204 _____ C:\AdwCleaner[S1].txt
2013-07-18 09:32 - 2013-07-18 09:32 - 00001055 _____ C:\Users\erco\Desktop\Neues Textdokument (2).txt
2013-07-18 09:31 - 2013-07-18 09:31 - 00662345 _____ C:\Users\erco\Desktop\adwcleaner.exe
2013-07-18 09:31 - 2013-07-18 09:31 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\erco\Desktop\JRT.exe
2013-07-18 09:08 - 2013-07-18 09:08 - 00000000 ____D C:\FRST
2013-07-18 09:06 - 2013-07-18 09:07 - 01778209 _____ (Farbar) C:\Users\erco\Desktop\FRST64.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\erco\Desktop\OTL.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00000000 _____ C:\Users\erco\defogger_reenable
2013-07-13 15:13 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 15:13 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 15:13 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:13 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 15:13 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:13 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 15:13 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 15:13 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 15:13 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:13 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 22:28 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 22:28 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 22:28 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 14:27 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 14:27 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 14:00 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 14:00 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-06 15:48 - 2013-07-06 15:48 - 00000000 ____D C:\Users\erco\AppData\Local\EgisTec
2013-07-03 12:15 - 2013-07-03 12:15 - 00000500 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-03 12:15 - 2013-07-03 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-01 21:39 - 2013-07-01 21:39 - 00001355 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-01 21:39 - 2013-07-01 21:39 - 00000000 ____D C:\Users\erco\AppData\Local\NVIDIA
2013-07-01 21:38 - 2013-07-18 10:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-01 21:38 - 2013-07-01 21:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 21:38 - 2013-05-12 22:34 - 06491936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-07-01 21:38 - 2013-05-12 22:34 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-07-01 21:38 - 2013-05-12 22:34 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-07-01 21:38 - 2013-05-08 16:13 - 03165737 _____ C:\Windows\system32\nvcoproc.bin
2013-07-01 21:37 - 2013-07-01 21:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-01 21:37 - 2013-05-12 23:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-07-01 21:37 - 2013-05-12 23:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-07-01 21:36 - 2013-07-18 10:35 - 00004164 _____ C:\Windows\setupact.log
2013-07-01 21:36 - 2013-07-01 21:36 - 00000000 _____ C:\Windows\setuperr.log
2013-07-01 21:36 - 2013-05-12 23:42 - 27775776 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 21096736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 15910736 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 15143904 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 13403168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 12426216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 11216160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-01 21:36 - 2013-05-12 23:42 - 09233688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 07682960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02942240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02935696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02754336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02597344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432018.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432018.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00550176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00518944 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00443168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00421152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-01 21:36 - 2013-05-12 23:42 - 00020536 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 21:36 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-07-01 21:36 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-07-01 21:36 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-07-01 21:33 - 2013-07-01 21:34 - 00000032 _____ C:\ProgramData\PS.log
2013-07-01 21:29 - 2013-07-01 21:29 - 00867240 ____N (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00789416 ____N (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00263592 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79C.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79B.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND78A.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\ProgramData\Sun
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 21:15 - 2013-07-01 21:15 - 00903080 _____ (Oracle Corporation) C:\Users\erco\Downloads\jxpiinstall.exe
2013-07-01 13:44 - 2013-07-01 13:44 - 00001194 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2013-06-29 15:12 - 2013-06-29 15:12 - 00199241 _____ C:\Users\erco\Desktop\Bensen 2.jpeg
2013-06-29 15:09 - 2013-06-29 15:14 - 00217520 _____ C:\Users\erco\Desktop\Bensen.jpeg
2013-06-29 15:07 - 2013-06-29 15:07 - 00000000 ____D C:\Users\erco\Documents\Fax
2013-06-27 02:06 - 2013-06-27 02:06 - 00000000 ____D C:\Windows\pss
2013-06-19 15:14 - 2013-06-19 15:14 - 00000000 ____D C:\Users\erco\Desktop\wqwqee
2013-06-19 15:13 - 2013-06-19 15:13 - 00000000 ___RD C:\Users\erco\Desktop\sam1 Project

==================== One Month Modified Files and Folders =======

2013-07-18 14:20 - 2013-04-04 03:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 13:51 - 2013-04-03 12:33 - 01421702 _____ C:\Windows\WindowsUpdate.log
2013-07-18 11:56 - 2013-07-18 11:56 - 00891062 _____ C:\Users\erco\Desktop\SecurityCheck.exe
2013-07-18 11:45 - 2013-07-18 11:45 - 02347384 _____ (ESET) C:\Users\erco\Downloads\esetsmartinstaller_enu.exe
2013-07-18 11:45 - 2013-07-18 11:45 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-18 11:43 - 2013-07-18 11:43 - 00000202 _____ C:\Users\erco\Desktop\PlanetSide 2.url
2013-07-18 11:43 - 2013-05-11 00:47 - 00000000 ____D C:\Users\erco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-07-18 10:42 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 10:42 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 10:40 - 2013-04-03 22:26 - 00697072 _____ C:\Windows\system32\perfh007.dat
2013-07-18 10:40 - 2013-04-03 22:26 - 00148110 _____ C:\Windows\system32\perfc007.dat
2013-07-18 10:40 - 2009-07-14 07:13 - 01614036 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-18 10:35 - 2013-07-01 21:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-18 10:35 - 2013-07-01 21:36 - 00004164 _____ C:\Windows\setupact.log
2013-07-18 10:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 09:39 - 2013-07-18 09:39 - 00000727 _____ C:\Users\erco\Desktop\JRT.txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00004204 _____ C:\Users\erco\Desktop\AdwCleaner[S1].txt
2013-07-18 09:37 - 2013-07-18 09:37 - 00000000 ____D C:\Windows\ERUNT
2013-07-18 09:33 - 2013-07-18 09:33 - 00004204 _____ C:\AdwCleaner[S1].txt
2013-07-18 09:32 - 2013-07-18 09:32 - 00001055 _____ C:\Users\erco\Desktop\Neues Textdokument (2).txt
2013-07-18 09:31 - 2013-07-18 09:31 - 00662345 _____ C:\Users\erco\Desktop\adwcleaner.exe
2013-07-18 09:31 - 2013-07-18 09:31 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\erco\Desktop\JRT.exe
2013-07-18 09:08 - 2013-07-18 09:08 - 00000000 ____D C:\FRST
2013-07-18 09:07 - 2013-07-18 09:06 - 01778209 _____ (Farbar) C:\Users\erco\Desktop\FRST64.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\erco\Desktop\OTL.exe
2013-07-18 08:23 - 2013-07-18 08:23 - 00000000 _____ C:\Users\erco\defogger_reenable
2013-07-18 08:23 - 2013-04-03 13:09 - 00000000 ____D C:\Users\erco
2013-07-15 15:02 - 2013-04-27 14:39 - 00000294 _____ C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2013-07-13 02:48 - 2013-05-28 14:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 02:48 - 2013-05-28 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 20:50 - 2013-06-04 00:54 - 00000000 ____D C:\Users\erco\AppData\Local\PMB Files
2013-07-12 20:50 - 2013-06-04 00:54 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-12 20:47 - 2011-07-13 10:28 - 00000000 ____D C:\ProgramData\McAfee
2013-07-12 20:47 - 2010-11-21 05:47 - 00013862 _____ C:\Windows\PFRO.log
2013-07-12 17:37 - 2011-07-13 10:29 - 00000000 ____D C:\Program Files (x86)\Acer
2013-07-12 13:42 - 2009-07-14 06:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 18:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-11 18:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 19:41 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 14:39 - 2013-04-27 14:39 - 00000302 _____ C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2013-07-06 17:05 - 2013-04-03 12:35 - 00000000 ___HD C:\ProgramData\EgisTec
2013-07-06 15:48 - 2013-07-06 15:48 - 00000000 ____D C:\Users\erco\AppData\Local\EgisTec
2013-07-03 12:15 - 2013-07-03 12:15 - 00000500 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-03 12:15 - 2013-07-03 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 11:42 - 2013-04-10 12:34 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-03 11:41 - 2013-04-10 12:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-01 21:39 - 2013-07-01 21:39 - 00001355 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-01 21:39 - 2013-07-01 21:39 - 00000000 ____D C:\Users\erco\AppData\Local\NVIDIA
2013-07-01 21:39 - 2013-07-01 21:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-01 21:38 - 2013-07-01 21:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-01 21:38 - 2013-07-01 21:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-01 21:38 - 2013-04-03 12:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-01 21:38 - 2013-04-03 12:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 21:36 - 2013-07-01 21:36 - 00000000 _____ C:\Windows\setuperr.log
2013-07-01 21:35 - 2011-07-13 10:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-01 21:34 - 2013-07-01 21:33 - 00000032 _____ C:\ProgramData\PS.log
2013-07-01 21:33 - 2013-05-09 11:33 - 00000000 ____D C:\Users\erco\AppData\Local\Cyberlink
2013-07-01 21:33 - 2013-04-03 12:46 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-01 21:29 - 2013-07-01 21:29 - 00867240 ____N (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00789416 ____N (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 21:29 - 2013-07-01 21:29 - 00263592 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79C.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND79B.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____N C:\Windows\SysWOW64\REND78A.tmp
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\ProgramData\Sun
2013-07-01 21:29 - 2013-07-01 21:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 21:15 - 2013-07-01 21:15 - 00903080 _____ (Oracle Corporation) C:\Users\erco\Downloads\jxpiinstall.exe
2013-07-01 15:07 - 2013-06-15 03:15 - 00000000 ____D C:\Users\erco\AppData\Roaming\Awesomium
2013-07-01 13:44 - 2013-07-01 13:44 - 00001194 _____ C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk
2013-06-29 15:14 - 2013-06-29 15:09 - 00217520 _____ C:\Users\erco\Desktop\Bensen.jpeg
2013-06-29 15:12 - 2013-06-29 15:12 - 00199241 _____ C:\Users\erco\Desktop\Bensen 2.jpeg
2013-06-29 15:07 - 2013-06-29 15:07 - 00000000 ____D C:\Users\erco\Documents\Fax
2013-06-28 14:00 - 2013-04-27 14:38 - 00000000 ____D C:\Users\erco\AppData\Roaming\uTorrent
2013-06-28 14:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-27 14:59 - 2011-07-13 10:32 - 00064650 _____ C:\Windows\DirectX.log
2013-06-27 02:06 - 2013-06-27 02:06 - 00000000 ____D C:\Windows\pss
2013-06-19 15:14 - 2013-06-19 15:14 - 00000000 ____D C:\Users\erco\Desktop\wqwqee
2013-06-19 15:13 - 2013-06-19 15:13 - 00000000 ___RD C:\Users\erco\Desktop\sam1 Project

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-18 13:13

==================== End Of Log ============================
         
--- --- ---


also yontoo ist schonmal weg
wenn du mir jetzt noch sagst das alles in ordnung ist wäre das großartig

schonmal jetzt von mir n dickes lob für die schnelle und unkomplizierte hilfe

danke 1000 mal ))

Alt 18.07.2013, 13:45   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - Standard

Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.



Ist es, fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.
anderen, anweisung, beseitigen, computer, dateien, daten, einträge, festplatte, forum, home, install.exe, interne, internet, langsam, langsamer, manager, microsoft office starter 2010, nicht mehr, nichts, platte, plug-in, problem, richtlinie, schnell, seite, task manager, thread, tutorial, version, wildtangent games, yontoo internet langsam extrem trojaner



Ähnliche Themen: Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam.


  1. Nach Download läuft alles sehr sehr langsam, Internet funktioniert nicht, Programme lassen sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 02.09.2015 (3)
  2. PC sehr langsam, Programm lässt sich nicht deinstallieren.
    Plagegeister aller Art und deren Bekämpfung - 06.03.2015 (21)
  3. PC mit Win 7 64 bit wird langsam, Mehrere Internet Explorer Prozesse machen sich auf, Antivir wird geblockt, lässt sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 23.08.2014 (7)
  4. Windows 7: istart.websearches lässt sich nicht deinstallieren. Rechner sehr langsam.
    Log-Analyse und Auswertung - 23.06.2014 (5)
  5. Computerspiel lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 19.04.2014 (5)
  6. yontoo 2.052 lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 07.02.2014 (5)
  7. snap.do lässt sich GAR NICHT deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 24.10.2013 (13)
  8. HDvid Codec V1 eingefangen, lässt sich nicht deinstallieren, Rechner hängt sich bei Beutzerwechsel auf
    Log-Analyse und Auswertung - 28.09.2013 (15)
  9. Windows 7 : Yontoo 2.052 lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 10.09.2013 (9)
  10. Yontoo 2.053 lässt sich nicht deinstallieren / Werbebanner in Firefox
    Plagegeister aller Art und deren Bekämpfung - 21.06.2013 (17)
  11. Iminent lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 01.06.2013 (7)
  12. Yontoo Adware lässt sich nicht deinstallieren, habe Scans durchgeführt
    Log-Analyse und Auswertung - 22.05.2013 (4)
  13. Yontoo 1.10.03 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 10.04.2013 (12)
  14. virus programme lassen sich nicht installieren, pc ist extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (7)
  15. Toolbar lässt sich nicht löschen, Internet extrem langsam geworden
    Plagegeister aller Art und deren Bekämpfung - 24.06.2012 (1)
  16. Internet extrem langsam und Browser reagiert fast nicht [Virus?]
    Plagegeister aller Art und deren Bekämpfung - 13.01.2012 (1)
  17. AVG lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 24.05.2011 (3)

Zum Thema Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. - sehr geehrten gelben engel ich habe ein problem was ich alleine nicht mehr beseitigen kann. seit geraumer zeit wurde mein internet immer langsamer und ich konnte mir nicht vorstellen wieso,also - Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam....
Archiv
Du betrachtest: Yontoo 2.051 lässt sich nicht deinstallieren/trojaner/virus internet downloads extrem langsam. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.